An automated threat intelligence aggregator providing a central hub for supply chain attacks and actively exploited vulnerabilities.
SIEM Ingestion Feed (JSON)pnpm disclosed a cluster of package-manager vulnerabilities affecting lockfile integrity, Git dependency fetching, repository registry configuration, patch application, and symlink creation; responders should inventory vulnerable pnpm versions and review credential-bearing install paths.
CycloneDX cdxgen before 12.4.3 could execute shell metacharacters from repository-controlled Maven module paths when scanning attacker-controlled projects, putting developer workstations and CI SBOM runners at risk.
On June 26, 2026, multiple @immobiliarelabs Backstage plugin versions were published to npm with a binding.gyp node-gyp hook and a new 5 MB index.js payload. Treat affected Backstage builds and developer or CI installs as credential exposure until lockfiles, package caches, and downstream audits are clean.
StepSecurity disclosed a June 24, 2026 Leo Platform npm supply-chain compromise affecting 20 packages published in a three-second burst. Socket and Sonatype then tied three more malicious npm packages to the same Miasma / Mini Shai-Hulud Phantom Gyp tradecraft, extending the incident into a 23-package campaign update.
Mutable refs for simonecorsi/mawesome including latest, v1, v2, and v2.2.0 currently resolve to a composite action that installs Bun and always runs an obfuscated JavaScript payload, exposing GitHub Actions runners that still trust those tags.
An attacker force-pushed a malicious composite action into codfish/semantic-release-action and moved fifteen published tags to that commit, exposing GitHub Actions runners that still trusted mutable refs such as v3, v4, and v5.
Socket says two trojanized Open VSX extensions delivered a TinyGo-compiled WebAssembly loader that read Solana memo data to resolve `dodod[.]lat`, then built OS-specific download-and-execute commands for developer endpoints.
StepSecurity and JetBrains say 15 malicious JetBrains Marketplace plugins stole AI provider API keys from developers, then a remote kill-switch and marketplace purge removed the listings and banned the publisher accounts.
Sonatype and JFrog describe buffer-utilities as a malicious npm brandjacking package in a Lazarus Group campaign; the package acts as a dropper that fetches and launches remote payloads.
On 2026-06-17, public reporting described an @mastra package-scope compromise that pushed easy-day-js as a malicious dependency across 140+ packages, executed a setup.cjs postinstall dropper, and exposed more than 1.1 million weekly downloads to second-stage credential theft and remote code execution behavior.
An attacker hijacked a Pythagora co-founder's GitHub account, force-pushed a Shai-Hulud credential-stealer to gpt-pilot's main branch, and lost the payload twice to ruff lint failures before any public downstream execution was shown.
Socket identified shai_hulululud@1.0.48596 as a deliberately packed npm package that appears designed to probe or disrupt AI-assisted malware review with prompt-injection text, safety-triggering comments, context flooding, and obfuscated JavaScript.